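<?php
// Start (or resume) the session before any output is produced, so the
// session cookie header can still be sent.
session_start();

?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<?php
// The full "<?php" tag is used above instead of the short "<?" form: with
// short_open_tag disabled the short form is not parsed, and everything after
// it (including the SQL text) would be served to the browser as plain text.
//=====================================================
// Shared project code. gotopage() and msgpop() are called further down but are
// not defined in this file, and mysql_query() is called without a link
// argument -- presumably both come from these includes (TODO confirm).
// require (not include) so the script stops here if either file is missing,
// rather than carrying on without them.
$path = '../';
require($path."common.php");
require($path."prod_fun.php");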
//=====================================================
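// Legacy hand-rolled quoting pass over a 1-indexed $txt array, writing the
// result into $stxt[].
// NOTE(review): $txt is never assigned in this file -- presumably it came from
// register_globals or an include; confirm it is still needed. The guard keeps
// count() from being called on an undefined value.
// NOTE(review): $stxt[] is not read by the queries further down (they use
// $stxt1..$stxt7), and doubling quotes by hand is not a substitute for the
// database driver's own escaping or for prepared statements.
if (isset($txt) && is_array($txt)) {
    $txt_total = count($txt);
    for ($i = 1; $i <= $txt_total; $i++) {
        $raw_txt = isset($txt[$i]) ? $txt[$i] : '';
        $stxt[$i] = str_replace("'", "''", $raw_txt);
        // The second pass must continue from $stxt[$i]; starting again from
        // $txt[$i] would discard the quote doubling done on the line above.
        // NOTE(review): this doubles forward slashes; a backslash may have been
        // intended -- confirm.
        $stxt[$i] = str_replace("//", "////", $stxt[$i]);
    }
}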

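// Raw form fields, copied from the request unmodified. They are untrusted:
// nothing on these lines validates or escapes them, so every later use in SQL,
// a URL or HTML has to encode them for that context.
// isset() guards avoid undefined-index notices on requests that do not carry
// the field (for example a GET request with no POST body); a missing field is null.
$stxt1 = isset($_POST['txt1']) ? $_POST['txt1'] : null;
$stxt2 = isset($_POST['txt2']) ? $_POST['txt2'] : null;
$stxt3 = isset($_POST['txt3']) ? $_POST['txt3'] : null;
$stxt4 = isset($_POST['txt4']) ? $_POST['txt4'] : null;
$stxt5 = isset($_POST['txt5']) ? $_POST['txt5'] : null;
$stxt6 = isset($_POST['txt6']) ? $_POST['txt6'] : null;
$stxt7 = isset($_POST['txt7']) ? $_POST['txt7'] : null;
$nowpage = isset($_GET['nowpage']) ? $_GET['nowpage'] : null;
//=====================================================
// Target of the "back to list" redirect.
$page1 = "prod_list.php" ;

// The action label is taken from POST when it is present and non-empty,
// otherwise from GET; it is null when neither carries it.
if (isset($_POST['action']) && $_POST['action'] != "") {
    $action = $_POST['action'] ;
} else {
    $action = isset($_GET['action']) ? $_GET['action'] : null ;
}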

//=====================================================
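// Dispatch on the submitted action label. The Chinese strings are the literal
// values sent by the forms/links and must stay byte-for-byte.
//
// Security notes for this dispatcher:
// - Every request value is passed through mysql_real_escape_string() right
//   before it is placed inside a quoted SQL literal, and through urlencode()
//   before it is placed in a redirect URL.
// - NOTE(review): mysql_real_escape_string() depends on the connection charset
//   and assumes magic_quotes_gpc is off (otherwise values get escaped twice);
//   both are configured outside this file -- confirm. ext/mysql no longer
//   exists in PHP 7+, so the durable fix is prepared statements (mysqli/PDO).
// - NOTE(review): no branch here checks $_SESSION['login_state'] before it
//   inserts, updates or deletes; confirm the included files enforce that.
// - NOTE(review): the delete and rate-update branches read their input from
//   $_GET, so they change data on a plain GET request, and no anti-CSRF token
//   is checked anywhere in this file.
switch($action){
//=====================================================
case "返回清單" : // back to the list page
    $page = $page1 . "?page=" . urlencode($nowpage) ;
    gotopage($page) ;
    break;
//=====================================================
case "新增資料" : // open the empty edit form
    $page = "prod_edit.php" ;
    gotopage($page) ;
    break;
//=====================================================
case "修改資料" : // open the edit form for one product
    $id = isset($_GET['pid']) ? $_GET['pid'] : '' ;
    $page = "prod_edit.php?id=" . urlencode($id) . "&nowpage=" . urlencode($nowpage) ;
    gotopage($page) ;
    break;
//=====================================================
case "新增" : // insert a new product row
    if(empty($stxt2) or empty($stxt3) or empty($stxt4) or empty($stxt5)){
        $msg = "請輸入資料" ;
        $page = "prod_edit.php" ;
        msgpop($msg) ;
    }else{
        // Next id = first two characters of the highest existing id, followed
        // by its numeric part + 1, zero-padded to six digits.
        // NOTE(review): read-then-insert is not atomic, so two concurrent adds
        // can compute the same id; the counter also wraps after 999999.
        $sql_num = "select * from product order by id desc limit 1 " ;
        $result_num = mysql_query($sql_num) ;
        // A failed query or an empty table both fall through to the first id.
        $row_num = $result_num ? mysql_fetch_object($result_num) : false ;
        $num = $row_num ? $row_num->id : '' ;
        if(empty($num)){
            $data_num = "PD000001" ;
        }else{
            $data_num = (substr($num, 0,2) . substr((1000000 + substr($num , 2,6) + 1) , 1 ,6)) ;
        }

        // $data_num is derived from stored data, so it is escaped as well.
        $q_id    = mysql_real_escape_string($data_num) ;
        $q_name  = mysql_real_escape_string($stxt2) ;
        $q_count = mysql_real_escape_string($stxt3) ;
        $q_p1    = mysql_real_escape_string($stxt4) ;
        $q_p2    = mysql_real_escape_string($stxt5) ;

        $sql_add = "insert into product set 
					id = '$q_id' , 
					name = '$q_name' , 
					pd_count = '$q_count' , 
					price_1 = '$q_p1' , 
					price_2 = '$q_p2' 
					" ;
        // NOTE(review): the result is not checked, so the success message is
        // shown even when the insert fails.
        $result_add = mysql_query($sql_add) ;
        $msg = "資料新增完成" ;
        $page = "prod_list.php" ;
        msgpop($msg) ;
    }
    gotopage($page) ;
    break;
//=====================================================
case "修改" : // update an existing product row
    if(empty($stxt2) or empty($stxt3) or empty($stxt4) or empty($stxt5)){
        $msg = "請輸入資料" ;
        $page = "prod_edit.php?id=" . urlencode($stxt1) ;
        msgpop($msg) ;
    }else{
        $q_id    = mysql_real_escape_string($stxt1) ;
        $q_name  = mysql_real_escape_string($stxt2) ;
        $q_count = mysql_real_escape_string($stxt3) ;
        $q_p1    = mysql_real_escape_string($stxt4) ;
        $q_p2    = mysql_real_escape_string($stxt5) ;

        $sql_up = "update product set 
					name = '$q_name' , 
					pd_count = '$q_count' , 
					price_1 = '$q_p1' , 
					price_2 = '$q_p2' 
					where id = '$q_id' limit 1 
					" ;
        $result_up = mysql_query($sql_up) ;
        $msg = "資料修改完成" ;
        $page = "prod_edit.php?id=" . urlencode($stxt1) ;
        msgpop($msg) ;
    }
    gotopage($page) ;
    break;
//=====================================================
case "刪除" : // delete one product row (no redirect or message follows)
    $id = isset($_GET['pid']) ? $_GET['pid'] : '' ;
    $q_id = mysql_real_escape_string($id) ;
    $sql_del = "delete from product where id = '$q_id' limit 1 " ;
    $result_del = mysql_query($sql_del) ;
    break;
//=====================================================
case "修改利率" : // update the rate/fare columns of one row in `stage`
    // This branch takes its fields from the query string, replacing the
    // POST-derived values read earlier in the script.
    $stxt1 = isset($_GET['txt1']) ? $_GET['txt1'] : null ;
    $stxt2 = isset($_GET['txt2']) ? $_GET['txt2'] : null ;
    $stxt3 = isset($_GET['txt3']) ? $_GET['txt3'] : null ;
    $stxt4 = isset($_GET['txt4']) ? $_GET['txt4'] : null ;
    $stxt5 = isset($_GET['txt5']) ? $_GET['txt5'] : null ;
    $stxt6 = isset($_GET['txt6']) ? $_GET['txt6'] : null ;
    $stxt7 = isset($_GET['txt7']) ? $_GET['txt7'] : null ;

    $q_id     = mysql_real_escape_string($stxt1) ;
    $q_three  = mysql_real_escape_string($stxt2) ;
    $q_six    = mysql_real_escape_string($stxt3) ;
    $q_twelve = mysql_real_escape_string($stxt4) ;
    $q_tf     = mysql_real_escape_string($stxt5) ;
    $q_limit  = mysql_real_escape_string($stxt6) ;
    $q_fare   = mysql_real_escape_string($stxt7) ;

    $sql_up = "update stage set 
					three_rate = '$q_three' , 
					six_rate = '$q_six' , 
					twelve_rate = '$q_twelve' , 
					tf_rate = '$q_tf',
					fare_limit = '$q_limit',
					fare = '$q_fare' 
					where id = '$q_id' limit 1 
					" ;
    $result_up = mysql_query($sql_up) ;

    $msg = "資料修改完成" ;

    // Fixed text only; no request data is echoed.
    echo $msg ;
    break;
//=====================================================
case "登入" : // login
    $account = isset($_POST['account']) ? $_POST['account'] : '' ;
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '' ;
    // Both credentials are escaped: unescaped, a quote in either field would
    // change the WHERE clause that decides whether the login succeeds.
    $q_account = mysql_real_escape_string($account) ;
    $q_pwd = mysql_real_escape_string($pwd) ;
    // NOTE(review): the submitted password is compared directly with
    // user_password in SQL, which suggests the column holds unhashed
    // passwords -- confirm, and move to password_hash()/password_verify()
    // (PHP 5.5+) with the comparison done in PHP.
    $sql_login = "select * from kart_manage where user_account = '$q_account' and user_password = '$q_pwd' and user_valid = 'Y' " ;
    $result_login = mysql_query($sql_login) ;
    // No matching row (or a failed query) leaves login_state null.
    $row_login = $result_login ? mysql_fetch_object($result_login) : false ;
    $_SESSION['login_state'] = $row_login ? $row_login->user_auth : null ;
    if($_SESSION['login_state'] == "S" or $_SESSION['login_state'] == "P"){
        // Issue a fresh session id on privilege change so an id known before
        // login cannot be reused afterwards. The script prints a <meta> tag
        // before this point, so without output buffering the headers are
        // already sent and the id cannot be changed; skip instead of warning.
        // NOTE(review): move that output after the dispatch so this always runs.
        if(!headers_sent()){
            session_regenerate_id(true) ;
        }
        $page = "prod_list.php" ;
    }else{
        $msg = "使用者帳號或密碼錯誤。" ;
        $page = "prod_login.php" ;
        msgpop($msg) ;
    }
    gotopage($page) ;
    break;
//=====================================================
case "登出" : // logout
    // Clear the in-memory session data as well as the stored session, so
    // nothing later in this request still sees login_state.
    $_SESSION = array() ;
    session_destroy();
    $page = "prod_login.php" ;
    gotopage($page) ;
    break;
//=====================================================

}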

?>